Security Advisory

CVE-2025-70958

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-02 00:00:00

Last updated 2026-02-03 14:40:31

Assigner mitre

State PUBLISHED

Description

Multiple reflected cross-site scripting (XSS) vulnerabilities in the installation module of Subrion CMS v4.2.1 allows attackers to execute arbitrary Javascript in the context of the users browser via injecting a crafted payload into the dbuser, dbpwd, and dbname parameters.

← Browse all CVEs View on cve.org ↗